ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Media File Manager plugin <= 1.4.2 - Directory Traversal vulnerability

Product
Media File Manager
Description
Directory Traversal vulnerability found by boombyte in WordPress Media File Manager plugin (versions <= 1.4.2).
Solution
WordPress Media File Manager plugin was closed on 2018 November 8 and is no longer available for download. Please deactivate and uninstall plugin as soon as possible.
Classification
Type Directory Traversal
OWASP Top 10 A4: Insecure Direct Object References
References
Plugin page
CVE
Name CVE-N/A
Versions
Affected In <= 1.4.2
Disclosure date
2018-11-13
Credits
boombyte
Submitter
ThreatPress